##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

#404 API extensions for showing permission for users...
#404 API extensions for showing permission for users - added permissions to get_user function - added last_login to get_user and get_users function - modified custom JSON encoder to handle non standard python types, like set, OrderedDict, datetime, date
marcink - - Load All Authors

File last commit:

r2129:43481c3d beta
r2151:12ceeda3 beta
Show More
test_models.py
715 lines | 28.3 KiB | text/x-python | PythonLexer
/ rhodecode / tests / test_models.py
History | Source | Raw |Copy content |Copy permalink
marcink
implements #226 repo groups available by path...
 r1538 import os
marcink
Fixes issue #201...
 r1373 import unittest
from rhodecode.tests import *
marcink
implements #226 repo groups available by path...
 r1538
from rhodecode.model.repos_group import ReposGroupModel
marcink
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
 r1539 from rhodecode.model.repo import RepoModel
marcink
Tests updates, Session refactoring
 r1713 from rhodecode.model.db import RepoGroup, User, Notification, UserNotification, \
marcink
#399 added inheritance of permissions for users group on repos groups
 r2129 UsersGroup, UsersGroupMember, Permission, UsersGroupRepoGroupToPerm
marcink
implements #226 repo groups available by path...
 r1538 from sqlalchemy.exc import IntegrityError
marcink
#302 - basic notification system, models+tests
 r1702 from rhodecode.model.user import UserModel
marcink
Tests updates, Session refactoring
 r1713 from rhodecode.model.meta import Session
from rhodecode.model.notification import NotificationModel
from rhodecode.model.users_group import UsersGroupModel
marcink
#227 Initial version of repository groups permissions system...
 r1982 from rhodecode.lib.auth import AuthUser
def _make_group(path, desc='desc', parent_id=None,
skip_if_exists=False):
gr = RepoGroup.get_by_group_name(path)
if gr and skip_if_exists:
return gr
gr = ReposGroupModel().create(path, desc, parent_id)
return gr
marcink
implements #226 repo groups available by path...
 r1538
class TestReposGroups(unittest.TestCase):
def setUp(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 self.g1 = _make_group('test1', skip_if_exists=True)
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 Session.commit()
marcink
#227 Initial version of repository groups permissions system...
 r1982 self.g2 = _make_group('test2', skip_if_exists=True)
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 Session.commit()
marcink
#227 Initial version of repository groups permissions system...
 r1982 self.g3 = _make_group('test3', skip_if_exists=True)
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 Session.commit()
marcink
implements #226 repo groups available by path...
 r1538
def tearDown(self):
print 'out'
def __check_path(self, *path):
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 """
Checks the path for existance !
"""
marcink
implements #226 repo groups available by path...
 r1538 path = [TESTS_TMP_PATH] + list(path)
path = os.path.join(*path)
return os.path.isdir(path)
def _check_folders(self):
print os.listdir(TESTS_TMP_PATH)
def __delete_group(self, id_):
ReposGroupModel().delete(id_)
def __update_group(self, id_, path, desc='desc', parent_id=None):
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 form_data = dict(
group_name=path,
group_description=desc,
group_parent_id=parent_id,
perms_updates=[],
perms_new=[]
)
marcink
implements #226 repo groups available by path...
 r1538 gr = ReposGroupModel().update(id_, form_data)
return gr
def test_create_group(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 g = _make_group('newGroup')
marcink
implements #226 repo groups available by path...
 r1538 self.assertEqual(g.full_path, 'newGroup')
self.assertTrue(self.__check_path('newGroup'))
def test_create_same_name_group(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 self.assertRaises(IntegrityError, lambda:_make_group('newGroup'))
marcink
commit less models...
 r1749 Session.rollback()
marcink
implements #226 repo groups available by path...
 r1538
def test_same_subgroup(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 sg1 = _make_group('sub1', parent_id=self.g1.group_id)
marcink
implements #226 repo groups available by path...
 r1538 self.assertEqual(sg1.parent_group, self.g1)
self.assertEqual(sg1.full_path, 'test1/sub1')
self.assertTrue(self.__check_path('test1', 'sub1'))
marcink
#227 Initial version of repository groups permissions system...
 r1982 ssg1 = _make_group('subsub1', parent_id=sg1.group_id)
marcink
implements #226 repo groups available by path...
 r1538 self.assertEqual(ssg1.parent_group, sg1)
self.assertEqual(ssg1.full_path, 'test1/sub1/subsub1')
self.assertTrue(self.__check_path('test1', 'sub1', 'subsub1'))
def test_remove_group(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 sg1 = _make_group('deleteme')
marcink
implements #226 repo groups available by path...
 r1538 self.__delete_group(sg1.group_id)
marcink
refactoring of models names for repoGroup permissions
 r1633 self.assertEqual(RepoGroup.get(sg1.group_id), None)
marcink
implements #226 repo groups available by path...
 r1538 self.assertFalse(self.__check_path('deteteme'))
marcink
#227 Initial version of repository groups permissions system...
 r1982 sg1 = _make_group('deleteme', parent_id=self.g1.group_id)
marcink
implements #226 repo groups available by path...
 r1538 self.__delete_group(sg1.group_id)
marcink
refactoring of models names for repoGroup permissions
 r1633 self.assertEqual(RepoGroup.get(sg1.group_id), None)
marcink
implements #226 repo groups available by path...
 r1538 self.assertFalse(self.__check_path('test1', 'deteteme'))
def test_rename_single_group(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 sg1 = _make_group('initial')
marcink
implements #226 repo groups available by path...
 r1538
new_sg1 = self.__update_group(sg1.group_id, 'after')
self.assertTrue(self.__check_path('after'))
marcink
refactoring of models names for repoGroup permissions
 r1633 self.assertEqual(RepoGroup.get_by_group_name('initial'), None)
marcink
implements #226 repo groups available by path...
 r1538
def test_update_group_parent(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 sg1 = _make_group('initial', parent_id=self.g1.group_id)
marcink
implements #226 repo groups available by path...
 r1538
new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g1.group_id)
self.assertTrue(self.__check_path('test1', 'after'))
marcink
refactoring of models names for repoGroup permissions
 r1633 self.assertEqual(RepoGroup.get_by_group_name('test1/initial'), None)
marcink
implements #226 repo groups available by path...
 r1538
new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g3.group_id)
self.assertTrue(self.__check_path('test3', 'after'))
marcink
refactoring of models names for repoGroup permissions
 r1633 self.assertEqual(RepoGroup.get_by_group_name('test3/initial'), None)
marcink
implements #226 repo groups available by path...
 r1538
new_sg1 = self.__update_group(sg1.group_id, 'hello')
self.assertTrue(self.__check_path('hello'))
marcink
refactoring of models names for repoGroup permissions
 r1633 self.assertEqual(RepoGroup.get_by_group_name('hello'), new_sg1)
marcink
implements #226 repo groups available by path...
 r1538
marcink
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
 r1539 def test_subgrouping_with_repo(self):
marcink
#227 Initial version of repository groups permissions system...
 r1982 g1 = _make_group('g1')
g2 = _make_group('g2')
marcink
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
 r1539
# create new repo
form_data = dict(repo_name='john',
repo_name_full='john',
fork_name=None,
description=None,
repo_group=None,
private=False,
repo_type='hg',
clone_uri=None)
cur_user = User.get_by_username(TEST_USER_ADMIN_LOGIN)
r = RepoModel().create(form_data, cur_user)
self.assertEqual(r.repo_name, 'john')
# put repo into group
form_data = form_data
form_data['repo_group'] = g1.group_id
form_data['perms_new'] = []
form_data['perms_updates'] = []
RepoModel().update(r.repo_name, form_data)
self.assertEqual(r.repo_name, 'g1/john')
self.__update_group(g1.group_id, 'g1', parent_id=g2.group_id)
self.assertTrue(self.__check_path('g2', 'g1'))
# test repo
self.assertEqual(r.repo_name, os.path.join('g2', 'g1', r.just_name))
marcink
#227 Initial version of repository groups permissions system...
 r1982
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 def test_move_to_root(self):
g1 = _make_group('t11')
Session.commit()
g2 = _make_group('t22',parent_id=g1.group_id)
Session.commit()
marcink
added tests for users_group and issue #373
 r2064
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 self.assertEqual(g2.full_path,'t11/t22')
self.assertTrue(self.__check_path('t11', 't22'))
marcink
added tests for users_group and issue #373
 r2064
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 g2 = self.__update_group(g2.group_id, 'g22', parent_id=None)
Session.commit()
marcink
added tests for users_group and issue #373
 r2064
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059 self.assertEqual(g2.group_name,'g22')
# we moved out group from t1 to '' so it's full path should be 'g2'
self.assertEqual(g2.full_path,'g22')
self.assertFalse(self.__check_path('t11', 't22'))
self.assertTrue(self.__check_path('g22'))
marcink
added tests for users_group and issue #373
 r2064
marcink
fixes issue #366 setting null on parent_group didn't propagate to actually db field....
 r2059
marcink
Tests updates, Session refactoring
 r1713 class TestUser(unittest.TestCase):
marcink
fixed repo_create permission by adding missing commit statements...
 r1758 def __init__(self, methodName='runTest'):
Session.remove()
super(TestUser, self).__init__(methodName=methodName)
marcink
auto white-space removal
 r1818
marcink
Tests updates, Session refactoring
 r1713 def test_create_and_remove(self):
usr = UserModel().create_or_update(username=u'test_user', password=u'qweqwe',
email=u'u232@rhodecode.org',
name=u'u1', lastname=u'u1')
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual(User.get_by_username(u'test_user'), usr)
# make users group
marcink
another major refactoring with session management
 r1734 users_group = UsersGroupModel().create('some_example_group')
marcink
commit less models...
 r1749 Session.commit()
marcink
another major refactoring with session management
 r1734
marcink
Tests updates, Session refactoring
 r1713 UsersGroupModel().add_user_to_group(users_group, usr)
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713
self.assertEqual(UsersGroup.get(users_group.users_group_id), users_group)
self.assertEqual(UsersGroupMember.query().count(), 1)
UserModel().delete(usr.user_id)
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713
self.assertEqual(UsersGroupMember.query().all(), [])
marcink
fixes #260 Put repo in group, then move group to another group -> repo becomes unavailable
 r1539
marcink
#302 - basic notification system, models+tests
 r1702 class TestNotifications(unittest.TestCase):
marcink
Tests updates, Session refactoring
 r1713 def __init__(self, methodName='runTest'):
marcink
fixed repo_create permission by adding missing commit statements...
 r1758 Session.remove()
marcink
Tests updates, Session refactoring
 r1713 self.u1 = UserModel().create_or_update(username=u'u1',
password=u'qweqwe',
email=u'u1@rhodecode.org',
marcink
another major refactoring with session management
 r1734 name=u'u1', lastname=u'u1')
Session.commit()
self.u1 = self.u1.user_id
marcink
Tests updates, Session refactoring
 r1713 self.u2 = UserModel().create_or_update(username=u'u2',
password=u'qweqwe',
email=u'u2@rhodecode.org',
marcink
another major refactoring with session management
 r1734 name=u'u2', lastname=u'u3')
Session.commit()
self.u2 = self.u2.user_id
marcink
Tests updates, Session refactoring
 r1713 self.u3 = UserModel().create_or_update(username=u'u3',
password=u'qweqwe',
email=u'u3@rhodecode.org',
marcink
another major refactoring with session management
 r1734 name=u'u3', lastname=u'u3')
Session.commit()
self.u3 = self.u3.user_id
marcink
Tests updates, Session refactoring
 r1713 super(TestNotifications, self).__init__(methodName=methodName)
marcink
#302 - basic notification system, models+tests
 r1702
marcink
Tests updates, Session refactoring
 r1713 def _clean_notifications(self):
for n in Notification.query().all():
marcink
commit less models...
 r1749 Session.delete(n)
marcink
Tests updates, Session refactoring
 r1713
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual(Notification.query().all(), [])
marcink
#302 - basic notification system, models+tests
 r1702
marcink
fixed repo_create permission by adding missing commit statements...
 r1758 def tearDown(self):
self._clean_notifications()
marcink
#302 - basic notification system, models+tests
 r1702
def test_create_notification(self):
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual([], Notification.query().all())
self.assertEqual([], UserNotification.query().all())
marcink
#302 - basic notification system, models+tests
 r1702 usrs = [self.u1, self.u2]
marcink
Tests updates, Session refactoring
 r1713 notification = NotificationModel().create(created_by=self.u1,
marcink
Notification system improvements...
 r1712 subject=u'subj', body=u'hi there',
marcink
fixed tests
 r1709 recipients=usrs)
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713 u1 = User.get(self.u1)
u2 = User.get(self.u2)
u3 = User.get(self.u3)
marcink
Notification system improvements...
 r1712 notifications = Notification.query().all()
self.assertEqual(len(notifications), 1)
marcink
#302 - basic notification system, models+tests
 r1702 unotification = UserNotification.query()\
.filter(UserNotification.notification == notification).all()
marcink
Notification system improvements...
 r1712
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual(notifications[0].recipients, [u1, u2])
marcink
fixed tests
 r1709 self.assertEqual(notification.notification_id,
notifications[0].notification_id)
marcink
#302 - basic notification system, models+tests
 r1702 self.assertEqual(len(unotification), len(usrs))
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual([x.user.user_id for x in unotification], usrs)
marcink
#302 - basic notification system, models+tests
 r1702 def test_user_notifications(self):
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual([], Notification.query().all())
self.assertEqual([], UserNotification.query().all())
notification1 = NotificationModel().create(created_by=self.u1,
subject=u'subj', body=u'hi there1',
marcink
fixed tests
 r1709 recipients=[self.u3])
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713 notification2 = NotificationModel().create(created_by=self.u1,
subject=u'subj', body=u'hi there2',
marcink
fixed tests
 r1709 recipients=[self.u3])
marcink
commit less models...
 r1749 Session.commit()
u3 = Session.query(User).get(self.u3)
marcink
Tests updates, Session refactoring
 r1713
self.assertEqual(sorted([x.notification for x in u3.notifications]),
sorted([notification2, notification1]))
marcink
#302 - basic notification system, models+tests
 r1702
def test_delete_notifications(self):
marcink
Tests updates, Session refactoring
 r1713 self.assertEqual([], Notification.query().all())
self.assertEqual([], UserNotification.query().all())
notification = NotificationModel().create(created_by=self.u1,
marcink
Notification system improvements...
 r1712 subject=u'title', body=u'hi there3',
marcink
fixed tests
 r1709 recipients=[self.u3, self.u1, self.u2])
marcink
commit less models...
 r1749 Session.commit()
marcink
#302 - basic notification system, models+tests
 r1702 notifications = Notification.query().all()
self.assertTrue(notification in notifications)
Notification.delete(notification.notification_id)
marcink
commit less models...
 r1749 Session.commit()
marcink
#302 - basic notification system, models+tests
 r1702
notifications = Notification.query().all()
self.assertFalse(notification in notifications)
un = UserNotification.query().filter(UserNotification.notification
== notification).all()
self.assertEqual(un, [])
marcink
Tests updates, Session refactoring
 r1713
def test_delete_association(self):
self.assertEqual([], Notification.query().all())
self.assertEqual([], UserNotification.query().all())
notification = NotificationModel().create(created_by=self.u1,
subject=u'title', body=u'hi there3',
recipients=[self.u3, self.u1, self.u2])
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713
unotification = UserNotification.query()\
.filter(UserNotification.notification ==
notification)\
.filter(UserNotification.user_id == self.u3)\
.scalar()
self.assertEqual(unotification.user_id, self.u3)
NotificationModel().delete(self.u3,
notification.notification_id)
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713
marcink
fixed bug with eager deletes in notifications...
 r1733 u3notification = UserNotification.query()\
marcink
Tests updates, Session refactoring
 r1713 .filter(UserNotification.notification ==
notification)\
.filter(UserNotification.user_id == self.u3)\
.scalar()
marcink
fixed bug with eager deletes in notifications...
 r1733 self.assertEqual(u3notification, None)
# notification object is still there
self.assertEqual(Notification.query().all(), [notification])
#u1 and u2 still have assignments
u1notification = UserNotification.query()\
.filter(UserNotification.notification ==
notification)\
.filter(UserNotification.user_id == self.u1)\
.scalar()
self.assertNotEqual(u1notification, None)
u2notification = UserNotification.query()\
.filter(UserNotification.notification ==
notification)\
.filter(UserNotification.user_id == self.u2)\
.scalar()
self.assertNotEqual(u2notification, None)
marcink
Tests updates, Session refactoring
 r1713 def test_notification_counter(self):
self._clean_notifications()
self.assertEqual([], Notification.query().all())
self.assertEqual([], UserNotification.query().all())
NotificationModel().create(created_by=self.u1,
subject=u'title', body=u'hi there_delete',
recipients=[self.u3, self.u1])
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713
self.assertEqual(NotificationModel()
.get_unread_cnt_for_user(self.u1), 1)
self.assertEqual(NotificationModel()
.get_unread_cnt_for_user(self.u2), 0)
self.assertEqual(NotificationModel()
.get_unread_cnt_for_user(self.u3), 1)
notification = NotificationModel().create(created_by=self.u1,
subject=u'title', body=u'hi there3',
recipients=[self.u3, self.u1, self.u2])
marcink
commit less models...
 r1749 Session.commit()
marcink
Tests updates, Session refactoring
 r1713
self.assertEqual(NotificationModel()
.get_unread_cnt_for_user(self.u1), 2)
self.assertEqual(NotificationModel()
.get_unread_cnt_for_user(self.u2), 1)
self.assertEqual(NotificationModel()
.get_unread_cnt_for_user(self.u3), 2)
marcink
fixed repo_create permission by adding missing commit statements...
 r1758
marcink
#227 Initial version of repository groups permissions system...
 r1982
marcink
fixed repo_create permission by adding missing commit statements...
 r1758 class TestUsers(unittest.TestCase):
def __init__(self, methodName='runTest'):
super(TestUsers, self).__init__(methodName=methodName)
def setUp(self):
self.u1 = UserModel().create_or_update(username=u'u1',
password=u'qweqwe',
email=u'u1@rhodecode.org',
marcink
auto white-space removal
 r1818 name=u'u1', lastname=u'u1')
marcink
fixed repo_create permission by adding missing commit statements...
 r1758
def tearDown(self):
perm = Permission.query().all()
for p in perm:
UserModel().revoke_perm(self.u1, p)
marcink
auto white-space removal
 r1818
marcink
fixed repo_create permission by adding missing commit statements...
 r1758 UserModel().delete(self.u1)
Session.commit()
def test_add_perm(self):
perm = Permission.query().all()[0]
UserModel().grant_perm(self.u1, perm)
Session.commit()
self.assertEqual(UserModel().has_perm(self.u1, perm), True)
def test_has_perm(self):
perm = Permission.query().all()
for p in perm:
has_p = UserModel().has_perm(self.u1, p)
self.assertEqual(False, has_p)
def test_revoke_perm(self):
perm = Permission.query().all()[0]
UserModel().grant_perm(self.u1, perm)
Session.commit()
self.assertEqual(UserModel().has_perm(self.u1, perm), True)
#revoke
UserModel().revoke_perm(self.u1, perm)
Session.commit()
marcink
#227 Initial version of repository groups permissions system...
 r1982 self.assertEqual(UserModel().has_perm(self.u1, perm), False)
class TestPermissions(unittest.TestCase):
def __init__(self, methodName='runTest'):
super(TestPermissions, self).__init__(methodName=methodName)
def setUp(self):
self.u1 = UserModel().create_or_update(
username=u'u1', password=u'qweqwe',
email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1'
)
marcink
fixed #397 Private repository groups shows up before login...
 r2124 self.u2 = UserModel().create_or_update(
username=u'u2', password=u'qweqwe',
email=u'u2@rhodecode.org', name=u'u2', lastname=u'u2'
)
self.anon = User.get_by_username('default')
marcink
#227 Initial version of repository groups permissions system...
 r1982 self.a1 = UserModel().create_or_update(
username=u'a1', password=u'qweqwe',
email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True
)
Session.commit()
def tearDown(self):
marcink
fixed #397 Private repository groups shows up before login...
 r2124 if hasattr(self, 'test_repo'):
RepoModel().delete(repo=self.test_repo)
marcink
#227 Initial version of repository groups permissions system...
 r1982 UserModel().delete(self.u1)
marcink
fixed #397 Private repository groups shows up before login...
 r2124 UserModel().delete(self.u2)
marcink
#227 Initial version of repository groups permissions system...
 r1982 UserModel().delete(self.a1)
if hasattr(self, 'g1'):
ReposGroupModel().delete(self.g1.group_id)
if hasattr(self, 'g2'):
ReposGroupModel().delete(self.g2.group_id)
if hasattr(self, 'ug1'):
UsersGroupModel().delete(self.ug1, force=True)
Session.commit()
def test_default_perms_set(self):
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
new_perm = 'repository.write'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm)
Session.commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], new_perm)
def test_default_admin_perms_set(self):
a1_auth = AuthUser(user_id=self.a1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.admin']),
'repositories': {u'vcs_test_hg': u'repository.admin'}
}
self.assertEqual(a1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
new_perm = 'repository.write'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.a1, perm=new_perm)
Session.commit()
# cannot really downgrade admins permissions !? they still get's set as
# admin !
u1_auth = AuthUser(user_id=self.a1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
def test_default_group_perms(self):
self.g1 = _make_group('test1', skip_if_exists=True)
self.g2 = _make_group('test2', skip_if_exists=True)
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {u'test1': 'group.read', u'test2': 'group.read'},
'global': set([u'hg.create.repository', u'repository.read', u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
def test_default_admin_group_perms(self):
self.g1 = _make_group('test1', skip_if_exists=True)
self.g2 = _make_group('test2', skip_if_exists=True)
a1_auth = AuthUser(user_id=self.a1.user_id)
perms = {
'repositories_groups': {u'test1': 'group.admin', u'test2': 'group.admin'},
'global': set(['hg.admin']),
'repositories': {u'vcs_test_hg': 'repository.admin'}
}
self.assertEqual(a1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
self.assertEqual(a1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
def test_propagated_permission_from_users_group(self):
# make group
self.ug1 = UsersGroupModel().create('G1')
# add user to group
UsersGroupModel().add_user_to_group(self.ug1, self.u1)
# set permission to lower
new_perm = 'repository.none'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm)
Session.commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm)
# grant perm for group this should override permission from user
new_perm = 'repository.write'
RepoModel().grant_users_group_permission(repo=HG_REPO,
group_name=self.ug1,
perm=new_perm)
# check perms
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm)
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
def test_propagated_permission_from_users_group_lower_weight(self):
# make group
self.ug1 = UsersGroupModel().create('G1')
# add user to group
UsersGroupModel().add_user_to_group(self.ug1, self.u1)
# set permission to lower
new_perm_h = 'repository.write'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1,
perm=new_perm_h)
Session.commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm_h)
# grant perm for group this should NOT override permission from user
# since it's lower than granted
new_perm_l = 'repository.read'
RepoModel().grant_users_group_permission(repo=HG_REPO,
group_name=self.ug1,
perm=new_perm_l)
# check perms
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.write'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm_h)
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
marcink
fixed #397 Private repository groups shows up before login...
 r2124
def test_repo_in_group_permissions(self):
self.g1 = _make_group('group1', skip_if_exists=True)
self.g2 = _make_group('group2', skip_if_exists=True)
Session.commit()
# both perms should be read !
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.read', u'group2': u'group.read'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.read', u'group2': u'group.read'})
#Change perms to none for both groups
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.anon,
perm='group.none')
ReposGroupModel().grant_user_permission(repos_group=self.g2,
user=self.anon,
perm='group.none')
marcink
#399 added inheritance of permissions for users group on repos groups
 r2129
marcink
fixed #397 Private repository groups shows up before login...
 r2124 u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
# add repo to group
form_data = {
'repo_name':HG_REPO,
'repo_name_full':os.path.join(self.g1.group_name,HG_REPO),
'repo_type':'hg',
'clone_uri':'',
'repo_group':self.g1.group_id,
'description':'desc',
'private':False
}
self.test_repo = RepoModel().create(form_data, cur_user=self.u1)
Session.commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
#grant permission for u2 !
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.u2,
perm='group.read')
ReposGroupModel().grant_user_permission(repos_group=self.g2,
user=self.u2,
perm='group.read')
Session.commit()
self.assertNotEqual(self.u1, self.u2)
#u1 and anon should have not change perms while u2 should !
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
u2_auth = AuthUser(user_id=self.u2.user_id)
self.assertEqual(u2_auth.permissions['repositories_groups'],
{u'group1': u'group.read', u'group2': u'group.read'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
marcink
#399 added inheritance of permissions for users group on repos groups
 r2129
def test_repo_group_user_as_user_group_member(self):
# create Group1
self.g1 = _make_group('group1', skip_if_exists=True)
Session.commit()
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.read'})
# set default permission to none
ReposGroupModel().grant_user_permission(repos_group=self.g1,
user=self.anon,
perm='group.none')
# make group
self.ug1 = UsersGroupModel().create('G1')
# add user to group
UsersGroupModel().add_user_to_group(self.ug1, self.u1)
Session.commit()
# check if user is in the group
membrs = [x.user_id for x in UsersGroupModel().get(self.ug1.users_group_id).members]
self.assertEqual(membrs, [self.u1.user_id])
# add some user to that group
# check his permissions
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
# grant ug1 read permissions for
ReposGroupModel().grant_users_group_permission(repos_group=self.g1,
group_name=self.ug1,
perm='group.read')
Session.commit()
# check if the
obj = Session.query(UsersGroupRepoGroupToPerm)\
.filter(UsersGroupRepoGroupToPerm.group == self.g1)\
.filter(UsersGroupRepoGroupToPerm.users_group == self.ug1)\
.scalar()
self.assertEqual(obj.permission.permission_name, 'group.read')
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.read'})